Lucene search
K

113 matches found

ATTACKERKB
ATTACKERKB
added 2026/04/10 4:3 p.m.4 views

CVE-2026-35648

OpenClaw before 2026.3.22 contains a policy bypass vulnerability where queued node actions are not revalidated against current command policy when delivered. Attackers can exploit stale allowlists or declarations that survive policy tightening to execute unauthorized commands...

3.7CVSS5.9AI score0.00217EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/04/10 12:0 a.m.6 views

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.3.22 contained security vulnerabilities. These vulnerabilities stemmed from nodes that performed operations without revalidating according to the current command policy during...

5.9CVSS5.9AI score0.00217EPSS
Exploits0References4
Amazon
Amazon
added 2026/04/07 12:0 a.m.9 views

Important: kernel6.12

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: fs/xattr: missing fdput in fremovexattr error path CVE-2024-14027 In the Linux kernel, the following vulnerability has been resolved: audit: add fchmodat2 to change attributes class CVE-2025-71239 In the Linux...

9.8CVSS5.8AI score0.00812EPSS
Exploits2
Amazon
Amazon
added 2026/04/01 12:0 a.m.5 views

Medium: kernel6.18

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: audit: add fchmodat2 to change attributes class CVE-2025-71239 In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: fix infinite loop in attrloadrunsrange on inconsistent metadata...

9.8CVSS5.7AI score0.0049EPSS
Exploits0
Snyk
Snyk
added 2026/03/26 9:14 p.m.3 views

Incorrect Authorization

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Incorrect Authorization due to the lack of revalidation of queued node actions against the current policy at the time of delivery. An attacker can execute previously allowed actions that...

6.9CVSS6AI score0.00217EPSS
Exploits0References3
OSV
OSV
added 2026/03/26 9:14 p.m.2 views

GHSA-WJ55-88GF-X564 OpenClaw may have stale policy enforcement for queued node actions

Summary Queued node actions were not revalidated against current command policy when later delivered, so stale allowlists or declarations could survive policy tightening. Affected Packages / Versions - Package: openclaw npm - Affected: = 2026.3.22 - Latest released tag checked: v2026.3.23-2...

3.7CVSS5.9AI score0.00217EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2026/03/26 9:14 p.m.5 views

OpenClaw may have stale policy enforcement for queued node actions

Summary Queued node actions were not revalidated against current command policy when later delivered, so stale allowlists or declarations could survive policy tightening. Affected Packages / Versions - Package: openclaw npm - Affected: = 2026.3.22 - Latest released tag checked: v2026.3.23-2...

5.9CVSS5.8AI score0.00217EPSS
Exploits0References6Affected Software1
SUSE CVE
SUSE CVE
added 2026/03/19 12:27 a.m.4 views

SUSE CVE-2026-23249

In the Linux kernel, the following vulnerability has been resolved: xfs: check for deleted cursors when revalidating two btrees The free space and inode btree repair functions will rebuild both btrees at the same time, after which it needs to evaluate both btrees to confirm that the corruptions a...

5.7AI score0.00141EPSS
Exploits0References3
EUVD
EUVD
added 2026/03/18 6:31 p.m.5 views

EUVD-2026-12852

In the Linux kernel, the following vulnerability has been resolved: xfs: check for deleted cursors when revalidating two btrees The free space and inode btree repair functions will rebuild both btrees at the same time, after which it needs to evaluate both btrees to confirm that the corruptions a...

5.7AI score0.00141EPSS
Exploits0References5
NVD
NVD
added 2026/03/18 6:16 p.m.4 views

CVE-2026-23249

In the Linux kernel, the following vulnerability has been resolved: xfs: check for deleted cursors when revalidating two btrees The free space and inode btree repair functions will rebuild both btrees at the same time, after which it needs to evaluate both btrees to confirm that the corruptions a...

5.5CVSS0.00141EPSS
Exploits0References4
OSV
OSV
added 2026/03/18 6:16 p.m.6 views

UBUNTU-CVE-2026-23249

In the Linux kernel, the following vulnerability has been resolved: xfs: check for deleted cursors when revalidating two btrees The free space and inode btree repair functions will rebuild both btrees at the same time, after which it needs to evaluate both btrees to confirm that the corruptions a...

5.5CVSS5.7AI score0.00141EPSS
Exploits0References13
ATTACKERKB
ATTACKERKB
added 2026/03/18 5:1 p.m.6 views

CVE-2026-23249

In the Linux kernel, the following vulnerability has been resolved: xfs: check for deleted cursors when revalidating two btrees The free space and inode btree repair functions will rebuild both btrees at the same time, after which it needs to evaluate both btrees to confirm that the corruptions a...

5.6AI score0.00141EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2026/03/18 5:1 p.m.20 views

CVE-2026-23249 xfs: check for deleted cursors when revalidating two btrees

In the Linux kernel, the following vulnerability has been resolved: xfs: check for deleted cursors when revalidating two btrees The free space and inode btree repair functions will rebuild both btrees at the same time, after which it needs to evaluate both btrees to confirm that the corruptions a...

0.00141EPSS
Exploits0References4
OSV
OSV
added 2026/03/18 5:1 p.m.5 views

CVE-2026-23249 xfs: check for deleted cursors when revalidating two btrees

In the Linux kernel, the following vulnerability has been resolved: xfs: check for deleted cursors when revalidating two btrees The free space and inode btree repair functions will rebuild both btrees at the same time, after which it needs to evaluate both btrees to confirm that the corruptions a...

5.5CVSS5.7AI score0.00141EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/03/18 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-23249

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xfs: check for deleted cursors when revalidating two btrees The free space and inode btree repair functions will rebuild both btrees at the same time, after whi...

5.5CVSS6.1AI score0.00141EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/03/17 8:33 p.m.9 views

AVideo vulnerable to unauthenticated SSRF via HTTP redirect bypass in LiveLinks proxy

Summary The plugin/LiveLinks/proxy.php endpoint validates user-supplied URLs against internal/private networks using isSSRFSafeURL, but only checks the initial URL. When the initial URL responds with an HTTP redirect Location header, the redirect target is fetched via fakeBrowser without...

8.6CVSS5.9AI score0.00453EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/17 12:0 a.m.11 views

PT-2026-25997

Summary The plugin/LiveLinks/proxy.php endpoint validates user-supplied URLs against internal/private networks using isSSRFSafeURL, but only checks the initial URL. When the initial URL responds with an HTTP redirect Location header, the redirect target is fetched via fakeBrowser without...

8.6CVSS6AI score0.00453EPSS
Exploits1References9
RedhatCVE
RedhatCVE
added 2026/01/26 9:8 p.m.5 views

CVE-2026-20883

Gitea's stopwatch API does not re-validate repository access permissions. After a user's access to a private repository is revoked, they may still view issue titles and repository names through previously started stopwatches. Mitigation Mitigation for this issue is either not available or the...

6.5CVSS5.8AI score0.00333EPSS
Exploits0References8
UbuntuCve
UbuntuCve
added 2026/01/23 4:15 p.m.6 views

CVE-2025-71160

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: avoid chain re-validation if possible Hamza Mahfooz reports cpu soft lock-ups in nftchainvalidate: watchdog: BUG: soft lockup - CPU1 stuck for 27s! iptables-nft-re:37547 .. RIP: 0010:nftchainvalidate+0xcb/0x1...

5.5CVSS5.7AI score0.00164EPSS
Exploits0References12
ATTACKERKB
ATTACKERKB
added 2026/01/23 3:23 p.m.2 views

CVE-2025-71160

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: avoid chain re-validation if possible Hamza Mahfooz reports cpu soft lock-ups in nftchainvalidate: watchdog: BUG: soft lockup - CPU1 stuck for 27s! iptables-nft-re:37547 .. RIP: 0010:nftchainvalidate+0xcb/0x1...

5.7AI score0.00164EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder